evolution
Page content
- Author: voroskoi
- Vulnerable: 2.10.0-1
- Unaffected: 2.10.0-2terminus1
Secunia Research has discovered a vulnerability in Evolution, which potentially can be exploited by malicious people to compromise a vulnerable system. A format string error in the “write_html()” function in calendar/gui/e-cal-component-memo-preview.c when displaying a memo’s categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Successful exploitation requires that the user opens a shared memo in their mailbox, clicks on “Accept”, and views the memo under the “Memo” tab.
- Bug Tracker URL: http://bugs.frugalware.org/task/1852